Cyber security is always top of mind for Selectron. While all types of organizations can be targeted by malicious attacks, state and local governments are prime targets. According to Brett Callow, a threat analyst from Emsisoft Security, in 2024 alone there have been 45 ransomware attacks on local government agencies. With our focus on serving government and adjacent organizations, we understand the very real possibility of our clients becoming a target.

Security Breach – Case Study

Unfortunately, one of our clients experienced such an attack on their network environment earlier this year. While a ransomware attack can be very unsettling, with the right response plan the incident can be mitigated quickly. This client had an on-premise IVR and Web payments solution.

Selectron’s Incident Response Plan

Initial response:

We immediately assembled our client’s project team and security group to understand the threat and how to address it. As an on-premise client, the Selectron solution was integrated with the client’s network and infrastructure, and so we immediately shut off all existing network access to the client’s network to prevent the threat from continuing to spread.

During:

Once we understood the threat, we created an action plan that was empowered by our knowledge and experience with the client. We then transitioned their host integration from their premises to our cloud environment. As we had already been in communication with this client about the possibility of moving their solution to our cloud environment, we had already laid the groundwork for that transition and were able to make faster progress.

After:

Once the threat was contained, Selectron made some specific security choices for this client in particular. By moving the solution to our cloud environment, we were now responsible for maintaining and monitoring their security. We first added a third layer of security to the web solution as they were already a target. This additional layer of edge security prevents potentially malicious actors from even finding the website, let alone accessing the ability to infiltrate.

Safeguarding Security

Within one month the client’s systems were back online with web and IVR cyber security covered by Selectron. Our established relationship with this client allowed us to activate the response plan quickly, working in partnership to cover the many aspects of recovery post-breach. The client now has peace of mind with Selectron’s proactive detection and timely response monitoring. With a renewed focus on serving the public, the client can move forward with better workflows.

Selectron is the leading provider of citizen self-service solutions for local government and understands the local government’s responsibility to protect citizen data. Our approach to layered security begins with investments in our team: from providing in-depth training on broad security and compliance concepts that include OWASP, NIST, and PCI-DSS; to achieving highly applicable certifications that include CompTIA PenTest+, Security+, and CISSP. Our hosted environment is built from the ground up to meet the exacting specifications of the PCI-DSS, and as a Secure Software Lifecycle-accredited company, our applications are developed in adherence to the Secure Software Framework. Selectron believes that cybersecurity is a fundamental deliverable in every solution we provide.